Which VM and How To Get Started?

Discussion in 'Virtualization' started by byghtn3, Feb 22, 2010.

  1. byghtn3

    byghtn3 MDL Junior Member

    Jun 10, 2009
    84
    0
    0
    Hello All,

    I asked this question in VIRTUALIZATION section and only got a few responses for Sandboxie. Is this a reliable security type VM?

    Which VM do you use when you are testing your new install scripts, or trying to avoid virus problems while using the internet, or when testing how you can break the new protection scheme. It seems many of you are always reinstalling something in the VM.

    I am interested in knowing which VM you like, what your computer basic specification are & anything else you think is pertinant.

    I have 5 reasonable computers available to me:
    1. P4 2.4GHz 400 2GB-RAMDDR (only 2 mem slots) 250GB HD PATA-This computer
    2. P4 2.4GHz 800 2GB-RAMDDR (only 2 mem slots) 250GB HD PATA
    3. P4 (561) 3.4GHz 800 4GB-RAMDDR (4GB Max)250GB HD PATA
    4. Q6600 2GB-RAMDDR (only 2 mem slots) 250GB HD PATA
    5. Unknown HP Dual Core ????? not here but available
    6. Linksys Router BEFSR41. Rev 2

    As well as virus-trojan-key logger-etc proof, I am looking for the most security for banking and protection of financial data, as well as everyday+every other kind of use for a computer, but I need to keep that financial stuff extra clean.

    Do any of these look too Lo-power to work for virus proof VM service? Do they need significant upgrades? 64BIT mode and lots more ram?
    Should I consider the XP-MODE for W7Ultimate as a viable secure & virus proof VM?
    LINUX?--Don't know hardly anything about LINUX. I can barely spell it. LENNOX LENOX....

    Any additional advice or questions?

    Thanks,
    Byghtn3
     
  2. timesurfer

    timesurfer MDL Developer

    Nov 22, 2009
    8,527
    4,068
    270
    I use vbox and it works fine on my dual core 2GB ram laptop
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  3. jbysmith

    jbysmith MDL Junior Member

    Feb 8, 2008
    77
    7
    0
    #3 jbysmith, Feb 22, 2010
    Last edited: Feb 22, 2010
    I'm a fan of VirtualBox as well. Easy to setup and maintain, and it's a freebie. VM's are pretty much secure as far as testing unknowns go, the only way crapware will be able to get out is via a network connection. If the VM gets infected, restore a backup or just blast it, and it's done. The VM is not crapware proof. It's just a virtual computer, it can get infected just like any other, but it's damn easy to clean if it does. Copy or erase the virtual hard disk file, and it's done. Also comes in handy for a few really old games that were designed for 95 that don't play nice in compatibility mode. VBox and VMWare even feature 3D acceleration. Not as nicely integrated as XP Mode in Win7, but if you're concerned about rogue software I don't think I'd be liking it sharing files on my local file system anyway.

    Sandboxie isn't virtualization, it's more of a "private copy" of the OS; it'll read your files, registry etc etc, but anything saved goes it a special directory instead, totally transparent to the program being run. If it works.. I've had a couple not like running in a sandbox, not many but it comes up. When that happens, I fire up VBox.

    Linux being hackproof is a myth, it has security weak spots just like any other operating system, either through operator error/lack of experience, bugs in software (Debian's key issue anyone?), etc etc.. if you don't know the OS, you're better off working with something you're comfortable with or you may make a mistake that could leave your system wide open. Just ask any web host how many times accounts get hacked. If you do go that route tho, just my opinion but BSD would be the better bet. For my tastes, too many people tinkering with code between the authors and the end users in Linux.. every bit of modifications can introduce a new attack surface if they mess it up.
     
  4. secr9tos

    secr9tos MDL Addicted

    Jul 28, 2009
    999
    133
    30
    VirtualBox here also...
     
  5. alextheg

    alextheg Super Moderator
    Staff Member

    Jan 7, 2009
    1,776
    806
    60
    Please keep posts in relevant threads and be patient for replies. Posting the same question in two sub forums isn't allowed.
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  6. RandomUser

    RandomUser MDL Novice

    Mar 16, 2009
    28
    2
    0
    Actually in VMware you do not even have to go through that process. VMware has a feature that any changes made to the virtual machine is discarded. So that every time you power on your virtual machine, it will be a clean machine all the time. Here is how to do it (VMware 7) Click on "Edit virtual machine settings" or on the HDD icon on the side. Then click on "Hard Disk", then "Advance" button, and under the "mode" box or field, you would need to check "Independent" and then select "Nonpersistent." and of course click on the "Ok" Button.
    Another way is, you could get a MAC and run MAC OS X;).
     
  7. abogangster

    abogangster MDL Novice

    Jan 23, 2009
    14
    0
    0
    This is a very interesting and quite complex to answer post, it not only involves virtualization options, but also configuration options in the OS itself.

    I have been using Vm's quite a bit, Virtual PC, VirtualBox, VMware, etc.

    VMware and Virtualbox are my 2 preferred ones, rich features, very good integration with host OS'es, a very decent memory footprint, Virtual PC lacks some features, but is very well integrated with Windows.

    In my opinion, there is no "adecuate" VM product by itself, it depends a lot of what you want to do, wich OS to use (both, host and guest), the vm capabilities you need and of course the hardware you plan to use.

    Hardware: Of the 5 computers you mention, all seem to have the capacity to run any VM, when talking about VM's I do preffer RAM over Processor Power, so if you can add more RAM to the Q6600 or the Dual Core, go for it (you may even gain access to advanced virtualization extensions in the processor), if not then stick with the P4 561.

    Host OS: Since you mention Linux is out of the question, I assume only 2 possible hosts, Windows XP or Windows 7, by the way, if using Windows 7 you'll definitly need those 4 Gigs of RAM from the P4 561, Windows 7 is a little bit more secure than XP (just a little), but also it uses a lot of RAM.

    Windows XP on the other hand is less secure (with default settings), but also consumes less memory, and if you can tune it up disabling a lot of unused services (or better yet use nLite to get a customized version of the OS), you could have an excellent host.

    Guest OS: Windows XP, why?, first great reason lower memory requirements compared to Vista and 7, second very well documented security tweaks, third customizable via nLite, fourth still has support from MS.

    And since you don't like to use Linux, that does it, is the best choice avaliable.

    Please if you have the chance, take a moment to learn about and try nLite, it's a hell of a program, it strips down a Windows XP installation source and also could apply some tweaks, it's invaluable for building a thigh and at some degree faster Windows XP OS.

    At this point, you must ask yourself a couple of questions, do you need usb support on the guest?, do you need advanced networking support on it?, do you need a little more advanced graphics support?.

    If you answer was "no" to these 3 questions, go for Microsoft Virtual PC as VM plattform, it's tighly integrated with windows.

    That leaves VirtualBox and Vmware, both programs are very capable virtualization plattforms, to the point of being in quite equal terms, one free the other not, but the last version of the Vmware Player has the hability to create VM's and it's free for personal use (registration required to download).

    So what do you want to do with your VM?.

    Banking and protection of financial data... mmm, at this point I am assuming that means browsing web sites safely as your primary objetive, for that the first thing to achieve is to secure the guest OS, second is to get a secure mechanism for browsing, and third to secure the data stored on the VM's HD.

    1. Microsoft has a guide for "Hardening" XP clients, it has advise for disabling unused services, some tweaks and security templates, look for it, and apply everything you consider suitable for your use.

    2. There are programs like XP Safe, WWDC, XQsetup, etc, that help with extra funcionality and security tweaks.

    3. Either update Internet Explorer to version 8 on the guest machine, or better yet, use Mozilla Firefox.

    4. Look for hardening tips for the web browser, or use some program to help elevate security like Spywareblaster or Haute Secure (if still avaliable).

    5. Use the encryption option for your user folder or use third party encryption apps for your data.

    6. Remember, no matter how secure your virtual machine could be, if your host machine gets compromised, the whole system (vm included) is at risk, so, also apply hardening techniques to your host system, and use a good antivirus solution, at the very least install Microsoft Security Essentials.

    One more note regarding hardware, the very minimum practical system requirements in my experience are a P4 at 2 ghz, and 1 GB or RAM using Windows XP or Linux as hosts, 2 GB of RAM if using Vista or 7, and guest OS that use about 256 MB of virtual RAM.

    Also I had managed to use personalized (stripped) versions of linux as hosts and windows xp and 2000 as guests with 512 of RAM, but it's not advisable.

    Ps. By the way, sorry for any errors on my english, it's not my native language.
     
  8. byghtn3

    byghtn3 MDL Junior Member

    Jun 10, 2009
    84
    0
    0
    #10 byghtn3, Mar 6, 2010
    Last edited: Mar 6, 2010
    (OP)
    Abogangster,
    Thanks for your reply.

    The ultimate reason for VM is internet security. I am currently running NAV 2009, and still got the virus/trojan GOORED. I tried 15 different solutions before sucess at getting rid of GOORED. (Adaware, Spybot, Kasperski online, NAV online, TrendMicro online, Panda online, HiJack this, Sophos, and others, finally Hitman PRO 3.5 (free for 30 days) fixed the GOORED problem. Each of the 15 different solutions found different problems not found by the previous solutions. No single virus solution is enough protection as seen above with 15 different solutions and 15 different sets of problems.

    So I got to thinking ----- If i was to do internet from a VM Image from a DVD/CD, I could not get infected, just remove CD/DVD and restart a clean computer. Then I was thinking I could have an image for banking & bill pay configured for best security/most restrictive settings. When I was done banking 1-2x month, I could load a different CD/DVD for more conventional computing, like e-mail, TIVO to dvd copying, video compression/conversion, try new programs downloaded from internet--like W7 utilities from this site, or practice making W7 install disk with latest patches, & tweeks from this site, etc. I would need some e-mail for the banking as well as email for daily use. Dont know how to have 2 "VM computers" accessing the same e-mail account with such large date differences (banking only 2x-month)

    Then I was thinking about children and other uneducated users getting infected w/viruses & trojans while using their computers and thought this would be a solution for them as well.

    As for the actual hardware, these are older hardware-DDR1 memory with 2 memory slots, (only the 561 motherboard has 4 slots) all have 4gig max(even the Q6600, maybe get new MB for this to have access to 16Gig ram), so currently each machine will have only 2gig available (ecx 561 machine w/4G). Low Density 2GIG memory SIMMs are very expensive for these machines, I could have a new technology computer for the cost of these SIMMS

    Do you have any other advice or technical details to offer?

    Again Thanks for your info
    Byghtn3

    P.S. your english is very good, and better than many english speaking posters here. I only had a problem with this one
    ""it's invaluable for building a thigh and at some degree faster Windows XP OS.""
     
  9. sebus

    sebus MDL Guru

    Jul 23, 2008
    5,890
    1,778
    180
    #11 sebus, Mar 6, 2010
    Last edited: Mar 7, 2010
    Use ?buntu (if you can not spell l-i-n-u-x), you have much smaller chance to get infected.
    Will run nicely on older hardware, and once in use it is not that much of a problem (give it to the kid that never saw one, and check how well he can deal with it)
    Also for now change NAV for ANYTHING else (Kaspersky?)

    And going virtual is NOT going to make it safer by itself. By default it makes it less secure, as it adds the subconscious feeling of security (as it is "NOT" really a computer in user mind), which is simply not there.
    VM IS a computer, only not on physical hardware, and needs to be treated the same way

    Ofcourse the BEST protection is to NEVER connect to ANY network & NEVER plugin any USB drive or read any CD/floppy
    That will do it

    sebus
     
  10. spacednow

    spacednow MDL Member

    Aug 26, 2009
    229
    3
    10
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  11. byghtn3

    byghtn3 MDL Junior Member

    Jun 10, 2009
    84
    0
    0
    Not that I am arguing with you, but 14 other "solutions" including Kaspersky, Panda, Trend Micro, NOD, Macaffe, etc also could not find the problem. Upload a suspicious file to TotalVirus.com, it uses 40 dif programs and gives 5-20 different answers as to whether ""it"" is a virus and what kind it is.

    Nav is better than nothing and 2010 got top marks this year. 2010 did not figure this out either--makes me think HitMan Pro 3.5 may have created GOORED so they could "FIX" it. The usual NAV complaint is system overhead, not so much actual protection.
     
  12. byghtn3

    byghtn3 MDL Junior Member

    Jun 10, 2009
    84
    0
    0
    If virtual OS is a CD image, and the host is a CD image, where is the danger? Please explain my error.


    My real question mark is the e-mail data may reside on a changeable/accessable partition on the fixed disk.

    Byghtn3
     
  13. the sultan

    the sultan MDL Novice

    Mar 2, 2010
    6
    0
    0
    Have you considered this

    I too run multiple PCs at home - I now use an older P4 laptop (with wired network) for online banking ONLY, nothing else - It runs XP SP3 with Firefox and the latest windows and anti-virus (McAfee) updates.
     
  14. sebus

    sebus MDL Guru

    Jul 23, 2008
    5,890
    1,778
    180
    CD image? What are you talking about? Yes, it is image file, but unless you make it in Vmware & chose Independent/Non-persitent for the HD, then it is just a NORMAL PC with all the changes to the OS partition staying on.
    And do not live under illusion of safety just because you run virtual machine, you still have HOST OS that is accessible as NORMAL PC also

    Recommended to read & learn & then make your own judgements

    sebus

    sebus
     
  15. sebus

    sebus MDL Guru

    Jul 23, 2008
    5,890
    1,778
    180
    Yes, that works fine, but virtualization for now is ONLY required for Parallels, and NOT any other virtualization software

    sebus
     
  16. byghtn3

    byghtn3 MDL Junior Member

    Jun 10, 2009
    84
    0
    0
    #18 byghtn3, Mar 7, 2010
    Last edited: Mar 7, 2010
    (OP)
    Trying to read & learn from you.......and others as well.

    I have a found a new friend on the internet that says he has a CD image that boots and loads a VMEnvironment, then he loads a 2nd CD that has a VM Windows XP with several programs installed that he uses daily. When done he turns off the VMXP, then turns off the PC. When he restarts the next day he has an empty PC to start over with again. I think the first PCimage is a linux flavor.
    I think I remember him saying he had NO Fixed Disk in 1 computer and works this way always. I can't contact him today to find out more if I have the wrong information.

    Do you think I have misunderstood this new friend?

    Byghtn3
     
  17. iamanoob

    iamanoob MDL Senior Member

    Feb 28, 2010
    402
    45
    10
    #20 iamanoob, Mar 8, 2010
    Last edited: Mar 8, 2010